Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco secure access control system - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-6695
The RBAC implementation in Cisco Secure Access Control System (ACS) does not properly verify privileges for support-bundle downloads, which allows remote authenticated users to obtain sensitive information via a download action, as demonstrated by obtaining read access to the use...
Cisco Secure Access Control System -
NA
CVE-2013-5536
Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote malicious users to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521.
Cisco Secure Access Control System -
NA
CVE-2013-5470
Cisco Secure Access Control System (ACS) does not properly handle requests to read from the TACACS+ socket, which allows remote malicious users to cause a denial of service (process crash) via malformed TCP packets, aka Bug ID CSCuh12488.
Cisco Secure Access Control System -
NA
CVE-2013-3428
The web interface in Cisco Secure Access Control System (ACS) does not properly suppress error-condition details, which allows remote authenticated users to obtain sensitive information via an unspecified request that triggers an error, aka Bug ID CSCue65957.
Cisco Secure Access Control System -
NA
CVE-2013-3422
Cross-site scripting (XSS) vulnerability in Administration pages in Cisco Secure Access Control System (ACS) allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud75165.
Cisco Secure Access Control System -
NA
CVE-2013-3423
Cross-site scripting (XSS) vulnerability in the web interface in Cisco Secure Access Control System (ACS) allows remote malicious users to inject arbitrary web script or HTML via an unspecified field, aka Bug ID CSCud75174.
Cisco Secure Access Control System -
NA
CVE-2013-3421
Cross-site scripting (XSS) vulnerability in the Help index page in Cisco Secure Access Control System (ACS) allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud75170.
Cisco Secure Access Control System -
NA
CVE-2013-3424
Cross-site request forgery (CSRF) vulnerability in Administration and View pages in Cisco Secure Access Control System (ACS) allows remote malicious users to hijack the authentication of arbitrary users, aka Bug ID CSCud75177.
Cisco Secure Access Control System -
NA
CVE-2013-3380
The administrative web interface in the Access Control Server in Cisco Secure Access Control System (ACS) does not properly restrict the report view page, which allows remote authenticated users to obtain sensitive information via a direct request, aka Bug ID CSCue79279.
Cisco Secure Access Control Server Solution Engine -
NA
CVE-2013-1200
Session fixation vulnerability in Cisco Secure Access Control System (ACS) allows remote malicious users to hijack web sessions via unspecified vectors, aka Bug ID CSCud95787.
Cisco Secure Access Control System -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »